Subscription to the full report on a daily basis can be obtained:
Send an eMail to dhsdailyadmin@mail.dhs.osis.gov with the subject "DHS Daily Open Source Infrastructure Report" and the following line in the body...subscribe.
To obtain a complete copy of the current report proceed to the DHS link below.
To obtain reports more than 10 business days old, send an eMail to DHS_Reports@e-computer-security.com. Be specific as to the reports you wish to receive.

• The Destin gas pipeline system was shut down following a June 28
fire at an Enterprise Products Partners LP plant in Pascagoula, Mississippi
forcing at least two offshore gas platforms in the U.S. Gulf of Mexico to halt
operations. – Reuters

1. June 28,
Reuters – (National) Fire at Mississippi gas plant halts two U.S. Gulf
Coast platforms. The Destin gas pipeline system was shut down following a
June 28 fire at an Enterprise Products Partners LP plant in Pascagoula,
Mississippi. The pipeline’s closure forced at least two offshore gas platforms
in the U.S. Gulf of Mexico to halt operations until the pipeline resumes
production.

• Toyota Motor Corp., issued a recall June 29 for 3.37 million of
its vehicles worldwide due to faulty fuel-emissions control canisters and
Autoliv Inc.-supplied curtain air bag inflators. – Bloomberg News

4. June 29,
Bloomberg News – (International) Toyota recalls 3.4 million cars over air
bags, fuel tanks. Toyota Motor Corp., issued a recall June 29 for a total
of 3.37 million of its vehicles worldwide including 2.87 million of its model
years 2006 – 2015 Prius hybrid and Corolla vehicles due to faulty
fuel-emissions control canisters that can crack and cause leaks when the
vehicles have full gas tanks. The recall also includes 1.43 million of its
model years 2008 – 2012 Prius hybrid and Lexus CT vehicles due to faulty
Autoliv Inc.-supplied curtain air bag inflators that may partially inflate in
parked vehicles and injure occupants. Source: http://www.bloomberg.com/news/articles/2016-06-29/toyota-recalls-more-than-4-million-cars-on-air-bags-fuel-tanks

• Three crew members are presumed dead and another is injured
after two BNSF Railway freight trains collided in the Texas Panhandle June 28
causing several cars to erupt in flames and prompting officials to evacuate
nearby residents. – Associated Press

6. June 29,
Associated Press – (Texas) Authorities: 3 train workers in Texas wreck presumed
dead. Three crew members are presumed dead and another is injured after two
BNSF Railway freight trains collided 25 miles northeast of Amarillo June 28,
causing several cars to erupt in flames and prompting officials to evacuate
nearby residents. In response to the head on crash BNSF officials pledged to
adopt technology called positive train control (PTC) that uses GPS, wireless
radio, and computers to monitor train positions to automatically slow or stop
trains in danger of colliding or derailing. Source: http://www.msn.com/en-us/news/us/crews-fighting-blaze-at-train-collision-site-with-3-missing/ar-AAhJaBR

• California fire crews continued June 28 to battle 9 wildfires
burning across the State which have collectively scorched more than 71,010
acres of land. – Banning-Beaumont Patch

14. June 28,
Banning-Beaumont Patch – (California) California wildfire update:
Tuesday, June 28. California fire crews continued June 28 to battle 9
wildfires burning across the State which have collectively scorched more than
71,010 acres of land.

16. June 29,
Softpedia – (International) Symantec products affected by multiple “as
bad as it gets” vulnerabilities. A security researcher from Google’s
Project Zero initiative discovered several vulnerabilities in Symantec’s
security products including buffer overflow flaws, memory corruption flaws, and
a high-severity flaw that does not require user interaction, affects default
configuration, and allows the software to run on the highest privilege levels
possible due to a vulnerable code in ASPack. Attackers could exploit the vulnerabilities
by sending an email with a malicious file or embed a malicious link inside the
email, among other methods. Source: http://news.softpedia.com/news/symantec-products-affected-by-multiple-as-bad-as-it-gets-vulnerabilities-505786.shtml

18. June 28,
Softpedia – (International) LevelDropper Android app infected with
autorooting malware. Lookout researchers identified the LevelDropper app in
the Google Play Store which hides malware capable of rooting the user’s device
in order to install unwanted applications. Researchers also found two privilege
escalation exploits and supporting package files such as busybox and SuperSU,
which also have the ability to root the device. Source: http://news.softpedia.com/news/leveldropper-android-app-infected-with-autorooting-malware-505727.shtml

• The U.S. Securities and Exchange Commission announced June 27
that beginning in 2018 oil, gas, and mining companies must disclose all
payments made to foreign governments. – Reuters

3. June 27,
Reuters – (International) SEC adopts rule on oil, mining payments to
foreign governments. The U.S. Securities and Exchange Commission announced
that it approved a rule June 27 requiring oil, gas, and mining companies to
disclose payments made to foreign governments beginning in 2018. The rule
requires companies to publicly release how much they pay governments in taxes,
royalties, and other types of fees for exploration, extraction, and other
activities.

• Volkswagen AG agreed June 28 to pay $14.7 billion to the State
of California and the U.S. Federal Trade Commission to settle allegations that
the company cheated emissions tests and deceived nearly 500,000 customers by
installing illegal software in select model years 2009 – 2015 Volkswagen and
Audi vehicles. – U.S. Department of Justice

6. June 28,
U.S. Department of Justice – (National) Volkswagen to spend up to $14.7
billion to settle allegations of cheating emissions tests and deceiving
customers on 2.0 liter diesel vehicles. In parallel settlements with the
U.S. and the State of California, and the U.S. Federal Trade Commission, Volkswagen
AG and related entities agreed June 28 to pay up to $14.7 billion to settle
allegations that the company cheated emissions tests and deceived nearly
500,000 customers by installing illegal software in select makes of its model
years 2009 – 2015 Volkswagen and Audi vehicles equipped with turbocharged
direct injection (TDI) 2.0-liter diesel engines that detects when the car is
being tested for compliance with Federal or California State emissions
standards, and turns on full emissions controls only during the testing
process. As part of the settlement, Volkswagen will spend $10.03 billion to
compensate consumers and an additional $4.7 billion to mitigate the pollution
from the vehicles and invest in green vehicle technology. Source: https://www.justice.gov/opa/pr/volkswagen-spend-147-billion-settle-allegations-cheating-emissions-tests-and-deceiving

• Two Michigan men were arrested in Canton, Ohio, June 24 for
allegedly using stolen credit card information to clone a credit card and
purchase 501 gift cards and pre-paid debit cards. – Canton Repository See
item 10 below in
the Financial Services Sector

• More than 5,000 firefighters worked June 27 to contain 9
wildfires in California that collectively burned nearly 70,000 acres and
damaged hundreds of structures. – Los Angeles Times

16. June 27,
Los Angeles Times – (California) Nine California wildfires destroy almost 70,000
acres. More than 5,000 firefighters worked June 27 to contain 9 wildfires
in California, which have collectively burned nearly 70,000 acres and damaged
hundreds of structures, including the 45,388-acre Erskine Fire burning in Kern
County which has destroyed 250 structures and caused 2 deaths. Source: http://www.latimes.com/local/lanow/la-me-ln-wildfire-update-20160627-snap-story.html

Financial Services Sector

9. June 27,
U.S. Department of Justice – (California) Former attorney pleads guilty
to participating in fraudulent mortgage modification scheme. A former
Irvine, California-based attorney pleaded guilty June 27 to Federal charges for
his role in a multi-million dollar fraudulent mortgage modification scheme
where he and co-conspirators allegedly convinced homeowners facing foreclosure
to pay up to $5,500 for services from the Rodis Law Group (RLG) by falsely
claiming that RLG consisted of a team of attorneys experienced in negotiating
loan modifications from the homeowners’ mortgage lenders, and by purporting
that RLG was consistently successful in obtaining lower interest rates for
homeowners, among other misrepresentations between October 2008 and June 2009. Source:
http://www.ocregister.com/articles/rodis-720743-mortgage-fraud.html

10. June 27,
Canton Repository – (Ohio) Michigan men suspected in Canton credit card fraud. Two
Michigan men were arrested at a Walmart store in Canton, Ohio, June 24 for
allegedly using stolen credit card information to clone a credit card and
purchase 501 gift cards and pre-paid debit cards. Authorities stated the cards
were worth over $50,000. Source: http://www.cantonrep.com/news/20160627/michigan-men-suspected-in-canton-credit-card-fraud

20. June 27,
SecurityWeek – (International) MIRCOP ransomware claims to be victim,
demands payback. Trend Micro researchers reported that the MIRCOP
ransomware abuses Microsoft PowerShell to download and execute the malicious
payload, and sends the user a ransom note claiming that the victim stole 48.48
Bitcoins, suggesting that the victim knows how to return the money. MIRCOP
prepends files with the string “Lock” and can steal credentials from various
applications including Mozilla Firefox, Google Chrome, Opera, FileZilla, and Skype. Source: http://www.securityweek.com/mircop-ransomware-claims-be-victim-demands-payback

For additional stories, see
items 7 and 8 below from the Critical Manufacturing Sector

7. June 28,
Help Net Security – (International) 25,000-strong CCTV botnet used for crippling
DDoS attacks. Sucuri researchers discovered that a closed circuit
television (CCTV) botnet comprised of 25,000 cameras worldwide was carrying out
distributed denial-of-service (DDoS) attacks against a jewelry store Web site
and found that the compromised cameras were able to emulate normal behavior of
popular browsers in order to make the botnet more difficult to identify and
block. Researchers reported that the attackers could have hacked the devices
via a recently disclosed remote code execution (RCE) vulnerability in
CCTV-Digital Video Recorders (DVRs).

Links

About Me

U.S. Army Retired Chief Warrant Officer with more than 40 years in information technology and 35 years in information security. Became a Certified Information Systems Security Professional in 1995 and have taught computer security in Asia, Canada and the United States. Wrote a computer security column for 5 years in the 1980s titled "for the Sake Of Security", penname R. E. (Bob) Johnston, which was published in Computer Decisions.
Motto: "When entrusted to process, you are obligated to safeguard"